[3.5] ldb: Denial of Service Attack on DNS and LDAP server (CVE-2018-1140)
Missing input sanitization checks on some of the input parameters to
LDB database layer cause the LDAP server and DNS server to crash when
following a NULL pointer.
Fixed In Version:
ldb 1.4.1, ldb 1.3.5
References:
https://www.samba.org/samba/security/CVE-2018-1140.html
https://www.samba.org/samba/history/security.html
(from redmine: issue id 9259, created on 2018-08-16, closed on 2018-08-22)
- Relations:
- copied_to #9254 (closed)
- parent #9254 (closed)